Ios_xe - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ios_xe
(Cisco)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	496

Date	Id	Summary	Products	Score	Patch	Annotated
2022-09-27	CVE-2021-27853	Layer 2 network filtering capabilities such as IPv6 RA guard or ARP inspection can be bypassed using combinations of VLAN 0 headers and LLC/SNAP headers.	Catalyst_6503\-E_firmware, Catalyst_6504\-E_firmware, Catalyst_6506\-E_firmware, Catalyst_6509\-E_firmware, Catalyst_6509\-Neb\-A_firmware, Catalyst_6509\-V\-E_firmware, Catalyst_6513\-E_firmware, Catalyst_6800ia_firmware, Catalyst_6807\-Xl_firmware, Catalyst_6840\-X_firmware, Catalyst_6880\-X_firmware, Catalyst_c6816\-X\-Le_firmware, Catalyst_c6824\-X\-Le\-40g_firmware, Catalyst_c6832\-X\-Le_firmware, Catalyst_c6840\-X\-Le\-40g_firmware, Ios_xe, Meraki_ms210_firmware, Meraki_ms225_firmware, Meraki_ms250_firmware, Meraki_ms350_firmware, Meraki_ms355_firmware, Meraki_ms390_firmware, Meraki_ms410_firmware, Meraki_ms420_firmware, Meraki_ms425_firmware, Meraki_ms450_firmware, N9k\-C9316d\-Gx_firmware, N9k\-C9332d\-Gx2b_firmware, N9k\-C9348d\-Gx2a_firmware, N9k\-C93600cd\-Gx_firmware, N9k\-C9364d\-Gx2a_firmware, N9k\-X9432c\-S_firmware, N9k\-X9464px_firmware, N9k\-X9464tx2_firmware, N9k\-X9564px_firmware, N9k\-X9564tx_firmware, N9k\-X9636c\-R_firmware, N9k\-X9636c\-Rx_firmware, N9k\-X97160yc\-Ex_firmware, N9k\-X9732c\-Ex_firmware, N9k\-X9732c\-Fx_firmware, N9k\-X9736c\-Ex_firmware, N9k\-X9736c\-Fx_firmware, N9k\-X9788tc\-Fx_firmware, Nexus_92160yc\-X_firmware, Nexus_92300yc_firmware, Nexus_92304qc_firmware, Nexus_92348gc\-X_firmware, Nexus_9236c_firmware, Nexus_9272q_firmware, Nexus_93108tc\-Ex_firmware, Nexus_93108tc\-Fx3p_firmware, Nexus_93108tc\-Fx_firmware, Nexus_93120tx_firmware, Nexus_93180yc\-Ex_firmware, Nexus_93180yc\-Fx3_firmware, Nexus_93180yc\-Fx_firmware, Nexus_93216tc\-Fx2_firmware, Nexus_93240yc\-Fx2_firmware, Nexus_9332c_firmware, Nexus_93360yc\-Fx2_firmware, Nexus_9336c\-Fx2\-E_firmware, Nexus_9336c\-Fx2_firmware, Nexus_9348gc\-Fxp_firmware, Nexus_9364c\-Gx_firmware, Nexus_9364c_firmware, Nexus_9432pq_firmware, Nexus_9504_firmware, Nexus_9508_firmware, Nexus_9516_firmware, Nexus_9536pq_firmware, Nexus_9636pq_firmware, Nexus_9716d\-Gx_firmware, Nexus_9736pq_firmware, Nexus_9800_firmware, Nexus_x9636q\-R_firmware, Sf500\-18p_firmware, Sf500\-24_firmware, Sf500\-24p_firmware, Sf500\-48_firmware, Sf500\-48mp_firmware, Sf\-500\-24mp_firmware, Sg500\-28_firmware, Sg500\-28mpp_firmware, Sg500\-28p_firmware, Sg500\-52_firmware, Sg500\-52mp_firmware, Sg500\-52p_firmware, Sg500x\-24_firmware, Sg500x\-24mpp_firmware, Sg500x\-24p_firmware, Sg500x\-48_firmware, Sg500x\-48mpp_firmware, Sg500x\-48p_firmware, Ieee_802\.2, P802\.1q	4.7
2023-10-16	CVE-2023-20198	Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal...	Ios_xe, Allen\-Bradley_stratix_5200_firmware, Allen\-Bradley_stratix_5800_firmware	10.0
2024-03-27	CVE-2024-20259	A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a crafted IPv4 DHCP request packet being mishandled when endpoint analytics are enabled. An attacker could exploit this vulnerability by sending a crafted DHCP request through an affected device. A successful exploit could allow the attacker to...	Ios_xe	8.6
2023-10-10	CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.	Http_server, Opensearch_data_prepper, Apisix, Solr, Tomcat, Traffic_server, Swiftnio_http\/2, Caddy, Connected_mobile_experiences, Crosswork_data_gateway, Crosswork_zero_touch_provisioning, Data_center_network_manager, Enterprise_chat_and_email, Expressway, Firepower_threat_defense, Fog_director, Ios_xe, Ios_xr, Iot_field_network_director, Nx\-Os, Prime_access_registrar, Prime_cable_provisioning, Prime_infrastructure, Prime_network_registrar, Secure_dynamic_attributes_connector, Secure_malware_analytics, Secure_web_appliance_firmware, Telepresence_video_communication_server, Ultra_cloud_core_\-_policy_control_function, Ultra_cloud_core_\-_serving_gateway_function, Ultra_cloud_core_\-_session_management_function, Unified_attendant_console_advanced, Unified_contact_center_domain_manager, Unified_contact_center_enterprise, Unified_contact_center_enterprise_\-_live_data_server, Unified_contact_center_management_portal, Debian_linux, H2o, Jetty, Envoy, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_advanced_web_application_firewall, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_application_visibility_and_reporting, Big\-Ip_carrier\-Grade_nat, Big\-Ip_ddos_hybrid_defender, Big\-Ip_domain_name_system, Big\-Ip_fraud_protection_service, Big\-Ip_global_traffic_manager, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_next, Big\-Ip_next_service_proxy_for_kubernetes, Big\-Ip_policy_enforcement_manager, Big\-Ip_ssl_orchestrator, Big\-Ip_webaccelerator, Big\-Ip_websafe, Nginx, Nginx_ingress_controller, Nginx_plus, Proxygen, Fedora, Go, Http2, Networking, Grpc, Http, Istio, Jenkins, Http2, Kong_gateway, Armeria, Linkerd, \.net, Asp\.net_core, Azure_kubernetes_service, Cbl\-Mariner, Visual_studio_2022, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Astra_control_center, Oncommand_insight, Netty, Nghttp2, Node\.js, Openresty, Contour, 3scale_api_management_platform, Advanced_cluster_management_for_kubernetes, Advanced_cluster_security, Ansible_automation_platform, Build_of_optaplanner, Build_of_quarkus, Ceph_storage, Cert\-Manager_operator_for_red_hat_openshift, Certification_for_red_hat_enterprise_linux, Cost_management, Cryostat, Decision_manager, Enterprise_linux, Fence_agents_remediation_operator, Integration_camel_for_spring_boot, Integration_camel_k, Integration_service_registry, Jboss_a\-Mq, Jboss_a\-Mq_streams, Jboss_core_services, Jboss_data_grid, Jboss_enterprise_application_platform, Jboss_fuse, Logging_subsystem_for_red_hat_openshift, Machine_deletion_remediation_operator, Migration_toolkit_for_applications, Migration_toolkit_for_containers, Migration_toolkit_for_virtualization, Network_observability_operator, Node_healthcheck_operator, Node_maintenance_operator, Openshift, Openshift_api_for_data_protection, Openshift_container_platform, Openshift_container_platform_assisted_installer, Openshift_data_science, Openshift_dev_spaces, Openshift_developer_tools_and_services, Openshift_distributed_tracing, Openshift_gitops, Openshift_pipelines, Openshift_sandboxed_containers, Openshift_secondary_scheduler_operator, Openshift_serverless, Openshift_service_mesh, Openshift_virtualization, Openstack_platform, Process_automation, Quay, Run_once_duration_override_operator, Satellite, Self_node_remediation_operator, Service_interconnect, Service_telemetry_framework, Single_sign\-On, Support_for_spring_boot, Web_terminal, Traefik, Varnish_cache	7.5
2023-09-27	CVE-2023-20109	A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash. This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker...	Ios, Ios_xe	6.6
2017-08-07	CVE-2017-6663	A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of service (DoS) condition. More Information: CSCvd88936. Known Affected Releases: Denali-16.2.1 Denali-16.3.1.	Ios, Ios_xe	6.5
2017-09-07	CVE-2017-6627	A vulnerability in the UDP processing code of Cisco IOS 15.1, 15.2, and 15.4 and IOS XE 3.14 through 3.18 could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a denial of service (DoS) condition. The vulnerability is due to Cisco IOS Software application changes that create UDP sockets and leave the sockets idle without closing them. An attacker could exploit this vulnerability by sending UDP...	Ios, Ios_xe	7.5
2017-03-17	CVE-2017-3881	A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: (1) the failure to restrict the use of CMP-specific Telnet...	Ios, Ios_xe	9.8
2016-09-19	CVE-2016-6415	The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN.	Ios, Ios_xe, Ios_xr	7.5
2018-03-28	CVE-2018-0167	Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. Cisco Bug IDs: CSCuo17183, CSCvd73487.	Ios, Ios_xe, Ios_xr	8.8